package com.ml.ws.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.Assert;

public class LoginAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

	public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
	public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password";  
	public static final String SPRING_SECURITY_FORM_REDERICT_KEY = "spring-security-redirect";
	
	private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;  
    private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;  
    private String redirectParameter = SPRING_SECURITY_FORM_REDERICT_KEY;  
    private boolean postOnly = true;  
	
    public LoginAuthenticationFilter() {  
        super();  
     } 
    
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request,
    		HttpServletResponse response) throws AuthenticationException {
    	
    	if (postOnly && !request.getMethod().equals("POST")) {  
            throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());  
        }  
    	String username = obtainUsername(request);  
        String password = obtainPassword(request);  
        String redirectUrl = obtainRedercitUrl(request);  
        if (username == null) {  
            username = "";  
        }  
        if (password == null) {  
            password = "";  
        }  
        //自定义回调URL，若存在则放入Session  
        if(redirectUrl != null && !"".equals(redirectUrl)){  
            request.getSession().setAttribute("callCustomRediretUrl", redirectUrl);  
        }  
        username = username.trim();  
        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);  
        // Allow subclasses to set the "details" property  
        setDetails(request, authRequest);  
        return this.getAuthenticationManager().authenticate(authRequest);  
    }
    
    protected String obtainPassword(HttpServletRequest request) {  
        return request.getParameter(passwordParameter);  
    }  
    protected String obtainUsername(HttpServletRequest request) {  
        return request.getParameter(usernameParameter);  
    }  
    protected String obtainRedercitUrl(HttpServletRequest request) {  
        return request.getParameter(redirectParameter);  
    }  
    protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {  
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));  
    }  
    public void setUsernameParameter(String usernameParameter) {  
        Assert.hasText(usernameParameter, "Username parameter must not be empty or null");  
        this.usernameParameter = usernameParameter;  
    }  
    public void setPasswordParameter(String passwordParameter) {  
        Assert.hasText(passwordParameter, "Password parameter must not be empty or null");  
        this.passwordParameter = passwordParameter;  
    }  
    public void setPostOnly(boolean postOnly) {  
        this.postOnly = postOnly;  
    }  
}
